{"api_version":"1","generated_at":"2026-04-23T22:08:22+00:00","cve":"CVE-2004-1658","urls":{"html":"https://cve.report/CVE-2004-1658","api":"https://cve.report/api/cve/CVE-2004-1658.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-1658","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-1658"},"summary":{"title":"CVE-2004-1658","description":"Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-09-02 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17270","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17270","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://marc.info/?l=bugtraq&m=109420310631039&w=2","name":"http://marc.info/?l=bugtraq&m=109420310631039&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'Kerio Personal Firewall's Application Launch Protection Can Be' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.securityfocus.com/bid/11096","name":"http://www.securityfocus.com/bid/11096","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"Kerio Personal Firewall Application Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/12468/","name":"http://secunia.com/advisories/12468/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Secunia - Advisories - Kerio Personal Firewall Program Execution Protection Feature Bypass","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.security.org.sg/vuln/kerio4016.html","name":"http://www.security.org.sg/vuln/kerio4016.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"SIG^2 G-TEC - Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-1658","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-1658","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"1658","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kerio","cpe5":"personal_firewall","cpe6":"4.0.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"1658","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kerio","cpe5":"personal_firewall","cpe6":"4.0.16","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"1658","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kerio","cpe5":"personal_firewall","cpe6":"4.0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"1658","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kerio","cpe5":"personal_firewall","cpe6":"4.0.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"1658","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kerio","cpe5":"personal_firewall","cpe6":"4.0.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"1658","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kerio","cpe5":"personal_firewall","cpe6":"4.0.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T01:00:36.880Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.security.org.sg/vuln/kerio4016.html"},{"name":"kerio-pf-protection-dos(17270)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"},{"name":"11096","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/11096"},{"name":"12468","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/12468/"},{"name":"20040902 Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=109420310631039&w=2"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-09-02T00:00:00.000Z","descriptions":[{"lang":"en","value":"Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_MISC"],"url":"http://www.security.org.sg/vuln/kerio4016.html"},{"name":"kerio-pf-protection-dos(17270)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"},{"name":"11096","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/11096"},{"name":"12468","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/12468/"},{"name":"20040902 Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=109420310631039&w=2"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-1658","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.security.org.sg/vuln/kerio4016.html","refsource":"MISC","url":"http://www.security.org.sg/vuln/kerio4016.html"},{"name":"kerio-pf-protection-dos(17270)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17270"},{"name":"11096","refsource":"BID","url":"http://www.securityfocus.com/bid/11096"},{"name":"12468","refsource":"SECUNIA","url":"http://secunia.com/advisories/12468/"},{"name":"20040902 Kerio Personal Firewall's Application Launch Protection Can Be Disabled by Direct Service Table Restoration","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=109420310631039&w=2"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-1658","datePublished":"2005-02-20T05:00:00.000Z","dateReserved":"2005-02-21T00:00:00.000Z","dateUpdated":"2024-08-08T01:00:36.880Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-09-02 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kerio:personal_firewall:4.0.6:*:*:*:*:*:*:*","matchCriteriaId":"E6C66920-4A4F-4335-B052-44E1F92F585B"},{"vulnerable":true,"criteria":"cpe:2.3:a:kerio:personal_firewall:4.0.7:*:*:*:*:*:*:*","matchCriteriaId":"658F01AE-C211-473C-BF70-E524E4310F20"},{"vulnerable":true,"criteria":"cpe:2.3:a:kerio:personal_firewall:4.0.8:*:*:*:*:*:*:*","matchCriteriaId":"1F769FAE-CC31-4C8B-B785-1423DFC2BA3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:kerio:personal_firewall:4.0.9:*:*:*:*:*:*:*","matchCriteriaId":"CB7202BC-AD0B-41B1-B7C1-7665498C967B"},{"vulnerable":true,"criteria":"cpe:2.3:a:kerio:personal_firewall:4.0.10:*:*:*:*:*:*:*","matchCriteriaId":"38E60288-F9E6-4E7C-9B48-352277A34C85"},{"vulnerable":true,"criteria":"cpe:2.3:a:kerio:personal_firewall:4.0.16:*:*:*:*:*:*:*","matchCriteriaId":"19EA5978-64EC-4B54-BC06-20324DB0E6CC"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"1658","Ordinal":"1","Title":"CVE-2004-1658","CVE":"CVE-2004-1658","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"1658","Ordinal":"1","NoteData":"Kerio Personal Firewall 4.0 (KPF4) allows local users with administrative privileges to bypass the Application Security feature and execute arbitrary processes by directly writing to \\device\\physicalmemory to restore the running kernel's SDT ServiceTable.","Type":"Description","Title":"CVE-2004-1658"},{"CveYear":"2004","CveId":"1658","Ordinal":"2","NoteData":"2005-02-20","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"1658","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}